Apache::CodeRed - Responds to CodeRed worm attacks with e-mail warnings
In your httpd.conf, put the following: PerlModule Apache::CodeRed <Location /default.ida> SetHandler perl-script PerlHandler Apache::CodeRed </Location>
This Perl module should be invoked whenever the CodeRed or CodeRed2 worm attacks. We don't have to worry about such attacks on Linux boxes, but we can be good Internet citizens, warning the webmasters on infected machines of the problem and how to solve it.
If the remote IP address fails a reverse DNS lookup, we don't send e-mail to anyone associated with that host. (We do, however, submit the IP address to SecurityFocus.) It would be nice to automatically determine which ISP is responsible for a particular IP address, and contact them automatically.
You may distribute this module under the same license as Perl itself.
Reuven M. Lerner, reuven@lerner.co.il Thanks to Randal Schwartz, David Young, and Salve J. Nilsen for their suggestions.
mod_perl.
To install Apache::CodeRed, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Apache::CodeRed
CPAN shell
perl -MCPAN -e shell install Apache::CodeRed
For more information on module installation, please visit the detailed CPAN module installation guide.